Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by MIRAXTSEOS (04-04-2017 20:01:52)
Running from C:\Users\MIRAXTSEOS\Downloads
Windows 8 Pro (X64) (2017-01-31 02:59:44)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-744695071-1308574476-4074454066-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-744695071-1308574476-4074454066-503 - Limited - Disabled)
Guest (S-1-5-21-744695071-1308574476-4074454066-501 - Limited - Disabled)
MIRAXTSEOS (S-1-5-21-744695071-1308574476-4074454066-1001 - Administrator - Enabled) => C:\Users\MIRAXTSEOS

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: Avast Antivirus (Disabled - Out of date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-744695071-1308574476-4074454066-1001\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
Ansel (Version: 378.92 - NVIDIA Corporation) Hidden Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software) AVG (HKLM\...\AvgZen) (Version: 1.162.2.62416 - AVG Technologies) AVG (Version: 1.162.1 - AVG Technologies) Hidden AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies) AVG PC TuneUp (x32 Version: 16.74.1 - AVG Technologies) Hidden AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.2.3008 - AVG Technologies) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) Chrome Remote Desktop Host (HKLM-x32\...\{88D5D9A4-48C4-4D0A-88B9-3E18661CF0D9}) (Version: 57.0.2987.37 - Google Inc.) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd) Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment) Dirty Bomb (HKLM\...\Steam App 333930) (Version: - Splash Damage®) Discord (HKU\S-1-5-21-744695071-1308574476-4074454066-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Dota 2 (HKLM\...\Steam App 570) (Version: - Valve) Dxtory version 2.0.127 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.127 - ExKode Co. Ltd.) f.lux (HKU\S-1-5-21-744695071-1308574476-4074454066-1001\...\Flux) (Version: - ) FMW 1 (Version: 1.182.1 - AVG Technologies) Hidden GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden HandBrake 1.0.3 (HKLM-x32\...\HandBrake) (Version: 1.0.3 - ) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.9.6 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - ) League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-744695071-1308574476-4074454066-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) 
NVIDIA 3D Vision Driver 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.92 - NVIDIA Corporation) NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation) NVIDIA Graphics Driver 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.92 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.23 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.2 - OBS Project) Online.io Application (x32 Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.7.1001 - ooVoo LLC.) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) Path of Exile (HKLM\...\Steam App 238960) (Version: - Grinding Gear Games) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.14.7 - Razer Inc.) Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.26 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.) Resident Evil 7: Biohazard (HKLM-x32\...\Resident Evil 7: Biohazard_is1) (Version: - ) SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden Skype Web Plugin (HKLM-x32\...\{CD62BCB9-02D2-443F-AC7A-443377DA5B38}) (Version: 7.31.0.56 - Skype Technologies S.A.) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) 
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) Spotify (HKU\S-1-5-21-744695071-1308574476-4074454066-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) The Witcher 3 - Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.30.0.0 - GOG.com) Town of Salem (HKLM\...\Steam App 334230) (Version: - BlankMediaGames) Traffic Exchange (x32 Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games) VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17376 - Microsoft Corporation) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-744695071-1308574476-4074454066-1001_Classes\CLSID\{A62E09B4-6467-4E0F-9B52-E61D8BC9FC69}\localserver32 -> C:\Users\MIRAXTSEOS\AppData\Local\SkypePlugin\7.31.0.56\GatewayVersion-x64.exe (Skype Technologies S.A.) 
CustomCLSID: HKU\S-1-5-21-744695071-1308574476-4074454066-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\MIRAXTSEOS\AppData\Local\SkypePlugin\7.31.0.56\EdgeCalling.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-744695071-1308574476-4074454066-1001_Classes\CLSID\{E5A7A7B5-9D06-4DBE-BAC0-04B69FF070B5}\InprocServer32 -> C:\Users\MIRAXTSEOS\AppData\Local\SkypePlugin\7.31.0.56\GatewayActiveX-x64.dll (Skype Technologies S.A.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0FFD893B-060F-44F6-89C3-05651321B8A4} - System32\Tasks\Traffic Exchange v209 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== ATTENTION Task: {10DA6337-7039-4ACE-92AE-38B1E067E633} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation) Task: {1E226587-B883-4258-AFBF-558301AE649C} - System32\Tasks\update-S-1-5-21-744695071-1308574476-4074454066-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] () Task: {229869E6-E0EB-472B-9ABD-95A0698522CA} - System32\Tasks\Traffic Exchange Guardian => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== ATTENTION Task: {297E1BBD-F85E-4175-A5B4-0B4E103296E7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation) Task: {29DB1996-E906-4F80-8E9B-3DA464154629} - System32\Tasks\{644EB9A8-C793-4D07-9477-F64DCA331D4F} => Chrome.exe hxxps://ui.skype.com/ui/0/7.32.0.103/el/abandoninstall?source=lightinstaller&page=tsInstall Task: {2DDEBAC9-FDB2-4D9F-BC31-B1C7BA8988AA} - System32\Tasks\Online 
Application v209 Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== ATTENTION Task: {39D62AC0-C433-4632-96BD-3DF56287177E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-30] (Google Inc.) Task: {3D2A1ACE-552F-4CA7-961B-7252C7914989} - System32\Tasks\Traffic Exchange v2 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== ATTENTION Task: {3E7BC17F-8C69-4E37-BDF3-A04E48B39C1C} - System32\Tasks\Traffic Exchange v209 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== ATTENTION Task: {5777FEBA-E03B-4755-B79D-4CEC7DE92E3F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {57C3A06A-6B99-4BF3-AC18-1726FB69427F} - System32\Tasks\Traffic Exchange v209 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== ATTENTION Task: {5919953F-7DD7-42A3-A6FE-27F9407852C6} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] () Task: {5DC08C3F-3DC9-4C66-AF2D-3F269C2B7546} - System32\Tasks\Online Application v2 Guard => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== ATTENTION Task: {5E8BF360-E16B-410B-BAF9-886AECBF17B5} - System32\Tasks\Online Application Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== ATTENTION Task: {62CFE543-1C55-40F7-9FE2-273DA82C7C38} - System32\Tasks\Online Application v2 => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== 
ATTENTION Task: {70695785-83BA-431C-9271-E144C2EAEF0E} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.) Task: {7C53B376-572C-4B4A-BF34-EDC71C300B89} - System32\Tasks\Online Application v2 Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== ATTENTION Task: {7DDF7C7B-F628-45AF-95A2-D6A9C1ECEC50} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {8047FCC9-E2CA-4334-AED7-4D100B91D758} - System32\Tasks\Online Application Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== ATTENTION Task: {808E1BE0-3185-4565-AF23-0231D4448697} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-03-02] (AVG Technologies CZ, s.r.o.) 
Task: {82F0CFE6-B257-437C-A1EC-BF450D475FB3} - System32\Tasks\autohotkey => C:\Windows\system32\autohotkey.exe [2017-02-03] () Task: {8A5C1818-3D8C-421A-B829-B0395907D3F4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation) Task: {8F43F2A3-7345-494E-A12F-B103621C766E} - System32\Tasks\Traffic Exchange v2 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== ATTENTION Task: {95182836-93E2-4DAA-92B1-A09C0A43BF8E} - System32\Tasks\Traffic Exchange Guard => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== ATTENTION Task: {954CEF2D-B5AD-483F-98BF-407B6BE3F0E8} - System32\Tasks\CCleanerSkipUAC => D:\ccleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {9AA3A392-14AE-46FA-9965-316DF3A69AB5} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic Task: {A248C2C0-4772-42D7-96BB-9C95C718E68F} - System32\Tasks\Online Application v209 Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== ATTENTION Task: {AA6D2727-893F-4939-84A5-F2C38A4BE7C9} - System32\Tasks\{2AFFAD9F-254B-4687-8B72-72CD39BB5D55} => Chrome.exe hxxps://ui.skype.com/ui/0/7.32.0.103/el/abandoninstall?source=lightinstaller&page=tsInstall Task: {AFA9A8AA-695C-43AA-AE3A-B41DE427A19C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! 
Antivirus\backup.exe [2017-01-30] (AVAST Software) Task: {B8D1A899-12E2-47C2-960F-892BF5B8658A} - System32\Tasks\Traffic Exchange => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== ATTENTION Task: {BA8EE4A1-1587-4F0E-82AF-ABBF551F950F} - System32\Tasks\Online Application Updater => C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe [2017-02-15] (Microleaves) <==== ATTENTION Task: {BB37FE0E-A664-4DCB-A266-1CE12C4533AF} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation) Task: {C00D8012-214A-4FF6-9177-2C4C25608B03} - System32\Tasks\Traffic Exchange v2 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== ATTENTION Task: {C67E8B58-6F36-430B-BDCF-5307CE782B2A} - System32\Tasks\Online Application => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== ATTENTION Task: {C98DF076-603E-4718-9E03-4A64FE216639} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {CCEB46B7-EB60-4B93-B690-20FD9602FC91} - System32\Tasks\Traffic Exchange Updater => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe [2017-02-15] (Microleaves) <==== ATTENTION Task: {D22037E4-2840-4C55-A358-812383CA2EC5} - System32\Tasks\Online Application v209 => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== ATTENTION Task: {DEB92123-0ECC-48E8-B57B-C87C615EB010} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {EAEE2AE5-BA43-4886-9C62-5F4567A74E15} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update 
Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {F97122B1-D32E-4363-B661-658CDD5B9A37} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-30] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Online Application Updater.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Online Application v2 Guard.job => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Online Application v2 Guardian.job => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Online Application v2.job => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Online Application v209 Guard.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Online Application v209 Guardian.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Online Application v209.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Traffic Exchange Updater.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 3.job => C:\Program Files (x86)\Microleaves\Traffic 
Exchange\OnlineGuardian-v2.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\update-S-1-5-21-744695071-1308574476-4074454066-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) WMI_ActiveScriptEventConsumer_ASEC: <===== ATTENTION ShortcutWithArgument: C:\Users\MIRAXTSEOS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp ShortcutWithArgument: C:\Users\MIRAXTSEOS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\MIRAXT~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\MIRAXTSEOS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> --load-extension="C:\Users\MIRAXT~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\MIRAXTSEOS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\1ebd56dad7f13a36\Skype.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lifbcibllhkdhoafpjfnlhfpfgnpldfl ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\MIRAXT~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 14:42 - 2016-07-16 14:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-03-15 03:15 - 2017-03-04 10:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-01-31 05:54 - 2017-03-17 02:16 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-01-30 20:13 - 2017-01-30 20:13 - 00026112 _____ () C:\Windows\KMS-R@1n.exe 2017-01-31 19:16 - 2017-02-23 21:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2017-01-31 19:16 - 2017-02-23 21:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-25 02:20 - 2016-09-25 02:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2017-03-15 03:15 - 2017-03-04 10:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2010-01-09 21:17 - 2010-01-09 21:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-21 02:40 - 2010-01-21 02:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2017-01-31 15:48 - 2017-01-31 15:48 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-15 03:15 - 
2017-03-04 09:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-15 03:15 - 2017-03-04 09:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-15 03:15 - 2017-03-04 09:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-15 03:15 - 2017-03-04 09:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-03-15 03:15 - 2017-03-04 09:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-03-15 03:16 - 2017-03-04 09:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-01-19 06:22 - 2017-01-19 06:22 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2017-02-02 07:22 - 2017-02-01 12:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-02 07:22 - 2017-02-01 12:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll 2017-03-01 01:51 - 2016-03-31 18:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2017-01-31 19:16 - 2017-02-23 21:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-01-31 19:16 - 2017-02-23 21:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2017-01-31 19:16 - 2017-02-23 21:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-01-31 19:16 - 2017-02-23 21:34 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2017-01-31 19:16 - 2017-02-23 17:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2017-01-31 19:16 - 2017-02-23 17:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA 
Corporation\NvNode\DriverInstall.node 2017-01-31 19:16 - 2017-02-23 17:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2017-01-31 19:16 - 2017-02-23 17:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2017-01-31 19:16 - 2017-02-23 17:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2017-01-31 19:16 - 2017-02-23 17:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2017-01-16 14:40 - 2017-01-16 14:40 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 53018112 _____ () D:\GOG Galaxy\libcef.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00507968 _____ () D:\GOG Galaxy\PocoUtil.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 01854528 _____ () D:\GOG Galaxy\PocoData.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00393280 _____ () D:\GOG Galaxy\PocoDataSQLite.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 01589312 _____ () D:\GOG Galaxy\PocoFoundation.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 01076800 _____ () D:\GOG Galaxy\PocoNet.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00307776 _____ () D:\GOG Galaxy\PocoNetSSL.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00330816 _____ () D:\GOG Galaxy\PocoJSON.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00104000 _____ () D:\GOG Galaxy\zlib.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00520768 _____ () D:\GOG Galaxy\PocoXML.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00272448 _____ () D:\GOG Galaxy\PocoZip.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00425536 _____ () D:\GOG Galaxy\pcre.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00680000 _____ () D:\GOG Galaxy\sqlite.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00157760 _____ () D:\GOG Galaxy\PocoCrypto.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00152128 _____ () D:\GOG Galaxy\expat.dll 2017-01-30 22:16 - 2016-10-08 10:13 - 50656768 _____ () 
C:\Users\MIRAXTSEOS\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2017-01-30 22:16 - 2016-10-08 10:13 - 01874944 _____ () C:\Users\MIRAXTSEOS\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2017-01-30 22:16 - 2016-10-08 10:13 - 00075264 _____ () C:\Users\MIRAXTSEOS\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 01738752 _____ () D:\GOG Galaxy\libglesv2.dll 2017-03-30 23:56 - 2017-03-16 16:46 - 00078848 _____ () D:\GOG Galaxy\libegl.dll 2017-03-24 17:59 - 2017-03-10 03:13 - 00674592 _____ () D:\STEAM\SDL2.dll 2017-02-02 20:00 - 2016-09-01 04:02 - 04969248 _____ () D:\STEAM\v8.dll 2017-03-24 17:59 - 2017-03-23 03:52 - 02465056 _____ () D:\STEAM\video.dll 2017-02-02 20:00 - 2016-01-27 10:49 - 02549760 _____ () D:\STEAM\libavcodec-56.dll 2017-02-02 20:00 - 2016-01-27 10:49 - 00491008 _____ () D:\STEAM\libavformat-56.dll 2017-02-02 20:00 - 2016-01-27 10:49 - 00332800 _____ () D:\STEAM\libavresample-2.dll 2017-02-02 20:00 - 2016-01-27 10:49 - 00442880 _____ () D:\STEAM\libavutil-54.dll 2017-02-02 20:00 - 2016-01-27 10:49 - 00485888 _____ () D:\STEAM\libswscale-3.dll 2017-02-02 20:00 - 2016-09-01 04:02 - 01563936 _____ () D:\STEAM\icui18n.dll 2017-02-02 20:00 - 2016-09-01 04:02 - 01195296 _____ () D:\STEAM\icuuc.dll 2017-03-31 10:24 - 2017-03-31 01:46 - 00848672 _____ () D:\STEAM\bin\chromehtml.DLL 2017-02-02 20:00 - 2016-07-05 01:17 - 00266560 _____ () D:\STEAM\openvr_api.dll 2017-03-10 23:39 - 2017-01-31 00:41 - 68875552 _____ () D:\STEAM\bin\cef\cef.win7\libcef.dll 2017-03-24 17:59 - 2017-03-23 03:52 - 00383776 _____ () D:\STEAM\steam.dll 2017-02-02 20:00 - 2015-09-25 02:52 - 00119208 _____ () D:\STEAM\winh264.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) 

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 10:24 - 2015-10-30 10:21 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-744695071-1308574476-4074454066-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MIRAXTSEOS\Desktop\3aTCH33.jpg
DNS Servers: 209.244.0.3 - 209.244.0.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: TeamViewer => 3
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-744695071-1308574476-4074454066-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-744695071-1308574476-4074454066-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-744695071-1308574476-4074454066-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-744695071-1308574476-4074454066-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-744695071-1308574476-4074454066-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-744695071-1308574476-4074454066-1001\...\StartupApproved\Run: => "Screenleap"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{46456E4A-7112-4D45-B10C-61CFAD2950FA}] => (Allow) C:\Users\MIRAXTSEOS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5871C0E2-636D-4C12-889C-085D947E1DB0}] => (Allow) C:\Users\MIRAXTSEOS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{01DB807F-87C6-44E8-8F94-990E9B49F99A}] => (Allow) C:\Users\MIRAXTSEOS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E28C02C2-F783-49F3-8194-9906EE3DF97E}] => (Allow) C:\Users\MIRAXTSEOS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8BBC6990-43F3-4C3B-A0A7-3CF2904E172C}] => (Allow) C:\Users\MIRAXTSEOS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2DA3CA5A-AB63-471C-AA45-244AF10475FE}] => (Allow) C:\Users\MIRAXTSEOS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D2531887-88AB-41EF-AD1E-22D6E785F0A6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E9881507-5AF9-44D4-AD9F-0621B9E4A371}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules:
[{229D55BD-67BD-4E48-B6E7-BCF14D99C2E6}] => (Allow) C:\Windows\KMS-R@1n.exe FirewallRules: [{39549072-1567-4902-84C6-FCA951F6FE6D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{79FF2EC0-765B-4880-8663-765E8005C0EA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{7F840876-0751-4AD4-B498-DC70E3DE0312}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{1CF756AF-3A3D-4154-9D59-723E49E1C4FC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{65B75140-7441-42E8-BAA6-2D66AF511032}C:\users\miraxtseos\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\miraxtseos\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{CE08F3B1-4FE5-42B2-8AA8-36CB9FF1E368}C:\users\miraxtseos\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\miraxtseos\appdata\roaming\spotify\spotify.exe FirewallRules: [{0A3CE75E-4104-4F09-9A89-F97AADD456C7}] => (Allow) D:\STEAM\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D736BD1C-7A10-4CDA-A87D-CF39372A1F33}] => (Allow) D:\STEAM\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{81E48BDA-8C5F-4621-8CF5-9E4F84DCFBDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{D25C61B4-A1C5-418B-9F15-3B44331266DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{5261B093-99AB-4315-8B2A-857944112ED2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{5AE827EA-4263-4205-8256-B53C3E31008A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6E028C84-22BB-4E5A-AB0F-C780C918B34F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E86332E3-FDCC-4359-BDB4-2E02B3B1C9D5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: 
[{BAE930BB-952A-4940-8908-CAFFA0776232}] => (Allow) D:\STEAM\Steam.exe FirewallRules: [{4081CA68-17EF-4FCB-9148-B61120AAA6C7}] => (Allow) D:\STEAM\Steam.exe FirewallRules: [{CEA455BC-9157-4B49-BD0D-293544A7A0C1}] => (Allow) D:\STEAM\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{3E1BE0CB-98AD-420D-9790-18D9AD7F3413}] => (Allow) D:\STEAM\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{20FA1EE6-6443-4CDA-83E9-4CF5B0A4C518}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{EB36D8E6-7326-4239-990D-D77C9896192B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{EDBD4E93-5B73-4B90-A8AD-20B5B215FEBA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7F9B361A-88DD-45C6-BCBC-F54AEF23E4A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{42F5602A-70B2-4942-B844-83C014B311C6}] => (Allow) D:\STEAM\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{E1FE3767-2BC4-4A14-8BF0-A673F8D01BE3}] => (Allow) D:\STEAM\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{45DEEA7E-D4B7-4D0E-8385-C2DFE13B6031}] => (Allow) D:\STEAM\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{94657D41-E6B3-458E-9E2C-FA6277C829CE}] => (Allow) D:\STEAM\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{7954A182-83B0-49AA-BBBA-EE79BAB975B3}] => (Allow) D:\STEAM\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{EBB847C5-3B57-4FEC-BC86-4FB3CE84CD73}] => (Allow) D:\STEAM\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{6354F6BD-7115-4234-B373-2F0E3A83B743}] => (Allow) D:\STEAM\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{0F05D1E7-752F-4E46-9B3B-2DF2D004020C}] => (Allow) D:\STEAM\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{FD5A0B3E-2F73-48B4-8588-5E4501F145F1}] => (Allow) 
D:\STEAM\steamapps\common\Unturned\Unturned.exe FirewallRules: [{39E17821-6F24-42E2-BEB8-BE72E1FBA2A4}] => (Allow) D:\STEAM\steamapps\common\Unturned\Unturned.exe FirewallRules: [TCP Query User{D6E86E3F-2E49-4426-8DAD-C3C5B5544F87}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe FirewallRules: [UDP Query User{8C67F72D-25AD-4A20-A97B-41A2D8BCA88D}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe FirewallRules: [TCP Query User{3D42CF11-D82D-4B4A-BEED-30456EA3653E}C:\users\miraxtseos\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\miraxtseos\appdata\local\skypeplugin\pluginhost.exe FirewallRules: [UDP Query User{BD3599E2-F18D-4853-89DE-D8FF36A62791}C:\users\miraxtseos\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\miraxtseos\appdata\local\skypeplugin\pluginhost.exe FirewallRules: [TCP Query User{A4A72557-FD97-4E16-85EE-6F6659515B12}C:\users\miraxtseos\downloads\enter.the.gungeon.v1.1.2\enter.the.gungeon.v1.1.2\etg.exe] => (Allow) C:\users\miraxtseos\downloads\enter.the.gungeon.v1.1.2\enter.the.gungeon.v1.1.2\etg.exe FirewallRules: [UDP Query User{C225DAAE-12BF-4F07-9FDE-780FA5E76B9D}C:\users\miraxtseos\downloads\enter.the.gungeon.v1.1.2\enter.the.gungeon.v1.1.2\etg.exe] => (Allow) C:\users\miraxtseos\downloads\enter.the.gungeon.v1.1.2\enter.the.gungeon.v1.1.2\etg.exe FirewallRules: [TCP Query User{C2086746-F662-4561-9BA0-87FB59BE8A00}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{630FF493-CC0E-46D6-85CB-8652F376F41B}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query 
User{5573201E-EAEB-4927-BDFF-3A06FCC3BE99}C:\users\miraxtseos\downloads\astroneer.pre-alpha.v0.2.10125.0\astroneer.pre-alpha.v0.2.10125.0\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\users\miraxtseos\downloads\astroneer.pre-alpha.v0.2.10125.0\astroneer.pre-alpha.v0.2.10125.0\astro\binaries\win64\astro-win64-shipping.exe FirewallRules: [UDP Query User{DBA3E4D2-D6D7-4AF5-B1BB-ECD003AE7948}C:\users\miraxtseos\downloads\astroneer.pre-alpha.v0.2.10125.0\astroneer.pre-alpha.v0.2.10125.0\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\users\miraxtseos\downloads\astroneer.pre-alpha.v0.2.10125.0\astroneer.pre-alpha.v0.2.10125.0\astro\binaries\win64\astro-win64-shipping.exe FirewallRules: [TCP Query User{F3BC7923-D9A5-4D14-B3ED-A592AEE61C1F}D:\ληψεισ\oxygen.not.included.v208689\oxygen.not.included.v208689\oxygennotincluded.exe] => (Allow) D:\ληψεισ\oxygen.not.included.v208689\oxygen.not.included.v208689\oxygennotincluded.exe FirewallRules: [UDP Query User{0B329720-2B37-4765-A7FD-BC22845A538C}D:\ληψεισ\oxygen.not.included.v208689\oxygen.not.included.v208689\oxygennotincluded.exe] => (Allow) D:\ληψεισ\oxygen.not.included.v208689\oxygen.not.included.v208689\oxygennotincluded.exe FirewallRules: [TCP Query User{4DE34A50-D58C-4800-9C77-EC46ED5B44F3}C:\users\miraxtseos\downloads\oxygen.not.included.build.206776\oxygennotincluded\oxygennotincluded.exe] => (Allow) C:\users\miraxtseos\downloads\oxygen.not.included.build.206776\oxygennotincluded\oxygennotincluded.exe FirewallRules: [UDP Query User{C1DD9E19-135B-422A-A36E-06F26BC44B43}C:\users\miraxtseos\downloads\oxygen.not.included.build.206776\oxygennotincluded\oxygennotincluded.exe] => (Allow) C:\users\miraxtseos\downloads\oxygen.not.included.build.206776\oxygennotincluded\oxygennotincluded.exe FirewallRules: [{D1F59787-405E-440F-B694-5F64058CE330}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BD562F2E-F78A-4E08-A51C-1939264B97FF}] => (Allow) 
D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E814BF93-4E0E-4376-9A9E-E2A725F859CE}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{104FF757-804C-4868-B5B8-5FDD7A9917EA}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{7CBC4FEB-1FB1-4A15-95A2-FC1586C3DD17}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{15E4D539-50BE-481A-BF88-8EFA943C1274}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{534C05B2-452C-473A-9F36-2EFA343B5BE9}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F2D748A7-FF30-491A-BA66-8341CB578A47}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{27029ED3-1F85-4429-BC7B-EB9AD3371DFE}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{99873266-4E56-4FC3-A6B0-1FEE1226F67A}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{BAF3A476-D1DE-4847-9842-0CD0536599A2}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{0CB504BB-D5D2-4580-868A-F218509B309C}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{78EDAF7B-BFAB-4D1C-8E7F-EF1BDC0D0E8B}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B60BB4EA-65EE-4942-8481-8F19B7E7C705}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{5CE4BE5F-EA5C-4BA2-80D9-3286ACC44EAB}C:\users\miraxtseos\downloads\the.wild.eight.v0.3.10\the.wild.eight.v0.3.10\wildeight.exe] => (Allow) C:\users\miraxtseos\downloads\the.wild.eight.v0.3.10\the.wild.eight.v0.3.10\wildeight.exe 
FirewallRules: [UDP Query User{7577E277-447F-46B7-92B0-72A7FDD2BCA7}C:\users\miraxtseos\downloads\the.wild.eight.v0.3.10\the.wild.eight.v0.3.10\wildeight.exe] => (Allow) C:\users\miraxtseos\downloads\the.wild.eight.v0.3.10\the.wild.eight.v0.3.10\wildeight.exe FirewallRules: [{EF23137E-F8DC-4A57-BF72-33D655DA8B20}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{17C515B7-42F8-4616-989F-58A0F5F34A83}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1375C8F7-416B-4EB4-85B8-F3EC1EA2D5B5}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{816A94B0-49AE-474E-9A77-18F6A7002B4C}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{EE28C5E4-BD01-4BF5-BC8C-7A238A7CAF30}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B1128C7C-0B08-47E8-BE97-BBB32AFCC295}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AF7A4AB3-D386-4DC3-B55E-061207E4FC59}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C997BA39-C402-4179-8285-D1F294ECDE8B}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{6BEC7856-8792-4B2A-AD9D-0B50BC48CC91}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5A38DED0-72E6-4DEE-AA14-EA6C8362C2B2}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{15C06430-FA53-4F1C-9C83-24B19B06EE5A}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\57.0.2987.37\remoting_host.exe FirewallRules: [{C3E2B509-7183-4CB2-8A2F-B86BCE28D1F2}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{23E1F20B-CF18-44EB-BBAF-7C21FEB68E5F}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: 
[{B0C84730-F9B8-422F-871B-4F1B725A2E43}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5BB663F9-2A65-4703-A6F9-310610CEE634}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{112898BD-4F83-46D0-9D33-34864E08EDCD}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FCA37580-7679-4234-9771-8CC3C34B9C9E}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2829AC3C-E080-49CE-BB35-FF1BFA557334}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{CD0D8C02-E5B7-45F8-8816-980DAFFC9087}] => (Allow) D:\STEAM\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{56C7DF79-63C5-416A-88F1-2D532EF32572}] => (Allow) D:\STEAM\steamapps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{84814B70-9294-41FB-BE09-62CE9976DE26}] => (Allow) D:\STEAM\steamapps\common\Path of Exile\PathOfExileSteam.exe ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/04/2017 07:52:24 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/04/2017 07:49:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: 
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/04/2017 07:49:21 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (04/04/2017 07:43:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/04/2017 07:42:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/04/2017 07:33:03 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . 
Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (04/04/2017 07:32:57 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll". Dependent Assembly Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (04/04/2017 07:32:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (04/04/2017 07:32:15 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. 
Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {6bddd83c-d63a-4ee6-b3c7-7eae998e3046} Error: (04/04/2017 07:28:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable System errors: ============= Error: (04/04/2017 07:53:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/04/2017 07:49:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Defender Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (04/04/2017 07:49:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Defender Service service to connect. Error: (04/04/2017 07:48:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avgsvc service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 
Error: (04/04/2017 07:48:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the avgsvc service to connect. Error: (04/04/2017 07:48:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avast! Antivirus service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (04/04/2017 07:48:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the avast! Antivirus service to connect. Error: (04/04/2017 07:48:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AVG Antivirus service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (04/04/2017 07:48:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the AVG Antivirus service to connect. Error: (04/04/2017 07:47:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. CodeIntegrity: =================================== Date: 2017-02-05 02:50:57.895 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MIRAXTSEOS\AppData\Local\Temp\andy-x64\tools\msvcr100.dll because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-05 02:50:57.875 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MIRAXTSEOS\AppData\Local\Temp\andy-x64\tools\msvcp100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-05 02:50:57.857 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Andy\msvcr100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-05 02:50:57.841 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Andy\msvcp100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-05 02:50:49.105 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Andy\msvcr100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-05 02:50:49.092 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Andy\msvcp100.dll because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-05 02:50:48.016 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Andy\msvcr100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-05 02:50:48.002 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Andy\msvcp100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-05 02:50:47.421 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MIRAXTSEOS\AppData\Local\Temp\andy-x64\tools\msvcr100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-05 02:50:47.407 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MIRAXTSEOS\AppData\Local\Temp\andy-x64\tools\msvcp100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz
Percentage of memory in use: 50%
Total physical RAM: 7315.44 MB
Available physical RAM: 3623.99 MB
Total Virtual: 11155.44 MB
Available Virtual: 7087.74 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.3 GB) (Free:12.92 GB) NTFS
Drive d: (STORAGE) (Fixed) (Total:931.51 GB) (Free:645.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D2A3DB45)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D2A3DB5D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================